This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch master updated. glibc-2.28.9000-102-gd6c44c3
- From: fw at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 28 Aug 2018 15:15:44 -0000
- Subject: GNU C Library master sources branch master updated. glibc-2.28.9000-102-gd6c44c3
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1 (commit)
from 745664bd798ec8fd50438605948eea594179fba1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1
commit d6c44c3d0ca4b8b639803ddccb83b9b8722f45c1
Author: Florian Weimer <fweimer@redhat.com>
Date: Tue Aug 28 14:02:47 2018 +0200
test-container: EPERM from unshare is UNSUPPORTED
For example, the security policy on the Fedora build daemons results in
this EPERM error.
diff --git a/ChangeLog b/ChangeLog
index 3995e4b..61b12ad 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,10 @@
2018-08-28 Florian Weimer <fweimer@redhat.com>
+ * support/test-container.c (main): Treat unshare failure with
+ EPERM as an unsupported test.
+
+2018-08-28 Florian Weimer <fweimer@redhat.com>
+
[BZ #23520]
nscd: Fix use-after-free in addgetnetgrentX and its callers.
* nscd/netgroupcache.c
diff --git a/support/test-container.c b/support/test-container.c
index ce16e06..2e91bdf 100644
--- a/support/test-container.c
+++ b/support/test-container.c
@@ -871,8 +871,9 @@ main (int argc, char **argv)
/* The unshare here gives us our own spaces and capabilities. */
if (unshare (CLONE_NEWUSER | CLONE_NEWPID | CLONE_NEWNS) < 0)
{
- /* Older kernels may not support all the options. */
- if (errno == EINVAL)
+ /* Older kernels may not support all the options, or security
+ policy may block this call. */
+ if (errno == EINVAL || errno == EPERM)
FAIL_UNSUPPORTED ("unable to unshare user/fs: %s", strerror (errno));
else
FAIL_EXIT1 ("unable to unshare user/fs: %s", strerror (errno));
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 5 +++++
support/test-container.c | 5 +++--
2 files changed, 8 insertions(+), 2 deletions(-)
hooks/post-receive
--
GNU C Library master sources